An IT department has given a vendor remote access to the internal network for troubleshooting network performance problems. After discovering the remote activity during a firewall log review, which of the following is the BEST course of action for an information security manager?
A. Revoke the access.
B. Review the related service level agreement (SLA).
C. Determine the level of access granted.
D. Declare a security incident.
A. Revoke the access.
B. Review the related service level agreement (SLA).
C. Determine the level of access granted.
D. Declare a security incident.